Cloud computing did not exist when data protection regulations came in. John Roberts of Redstone explains how to keep within the law
The UK Data Protection Act (DPA) is often regarded as the world’s leading law on protecting personal data. But many UK companies now adopting cloud services are not only putting data at risk, but also themselves, by breaching data protection laws. How do you comply with the DPA, whilst maintaining a cloud presence?
When the UK government passed the DPA in 1998 it was heralded as the definitive way to guarantee personal data was protected. Over the following decade, refinements to the act ensured that personal data was not just secure, but more specifically, it was secure online. This worked well when data was held on-premise, within a company’s own data centre, but the advent of cloud technology has changed all that.
What do we mean by cloud?
Just to be clear, in this context we’re referring to ‘cloud’ as infrastructure as a service. Ask many cloud service providers (CSPs) where a specific piece of data is held, and it would take them a while to answer. In most instances the cloud does not recognise national boundaries. CSPs simply move data across their often globally dispersed infrastructure at will in the most efficient way for them. This means that the IT director no longer knows where his or her data is, nor are they able to comply with the DPA.
To Continue Reading: Click Here
------------------------------------------------
Source: eweekeurope.co.uk
By: John Roberts Redstone
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment